package com.zzw.config;

import com.zzw.utils.PasswordEncoderUtil;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.springframework.stereotype.Component;

/**
 * BCrypt凭证匹配器
 * 用于Shiro框架中验证BCrypt加密的密码
 */
@Component
public class BCryptCredentialsMatcher implements CredentialsMatcher {
    
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
        
        // 获取用户输入的明文密码
        String inputPassword = new String(userToken.getPassword());
        
        // 获取数据库中存储的加密密码
        String dbPassword = info.getCredentials().toString();
        
        // 使用BCrypt验证密码
        return PasswordEncoderUtil.matches(inputPassword, dbPassword);
    }
} 